Story #6847
closedStory #6331: [Epic] Add SSL support
As an installer user, I can configure Pulp to run with TLS enabled using self-signed certificates
100%
Description
Background¶
In some cases users of Pulp users want TLS and would like to have self-signed certificates. The motivation is for installations where the user doesn't have existing certs and letsencrypt certs are not an option because the the pulp host is not internet accessible.
Solution¶
Add options to the installer for the user to express their intent to have Pulp create and use self-signed TLS certificates. If provided, the installer should create self-signed certificates for the hostname of the host. The certificates should be used to configure either the Apache or Nginx configuration Pulp to run on port 443 with TLS enabled.
This option would not be enabled by default.
Updated by bmbouter over 4 years ago
- Tracker changed from Issue to Story
- % Done set to 0
Updated by pulpbot over 4 years ago
- Status changed from NEW to POST
Updated by dkliban@redhat.com over 4 years ago
- Groomed changed from No to Yes
- Sprint set to Sprint 74
Updated by pulpbot over 4 years ago
Added by spredzy over 4 years ago
Added by spredzy over 4 years ago
Revision 83e9b685 | View on GitHub
pulp_webserver: Add support for TLS configuration
Enable HTTPS by default when deploying a new pulp server. One can either specify the value of the certificate and the key. Or, if none available, can have the installer generating them.
Support has been added for both nginx and apache.
fixes #6845 https://pulp.plan.io/issues/6845 fixes #6847 https://pulp.plan.io/issues/6847
Co-Authored-By: Matthias Dellweg mdellweg@redhat.com
Updated by spredzy over 4 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset ansible-pulp|83e9b685ec2f4cf488b54932ff4023d1046fd662.
Updated by ttereshc about 4 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
pulp_webserver: Add support for TLS configuration
Enable HTTPS by default when deploying a new pulp server. One can either specify the value of the certificate and the key. Or, if none available, can have the installer generating them.
Support has been added for both nginx and apache.
fixes #6845 https://pulp.plan.io/issues/6845 fixes #6847 https://pulp.plan.io/issues/6847
Co-Authored-By: Matthias Dellweg mdellweg@redhat.com